Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
Unchecked Return Value
Unchecked Return Value
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in